Privacy policy

Swisscolocation SA, as Data Controller (hereinafter "Data Controller"), considers privacy and the protection of personal data as an important topic of its activity. For this reason, it processes personal data in accordance with the Federal Data Protection Act (LPD, 25 September 2020) and according to the EU Regulation 2016/679 or GDPR, General Data Protection Regulation, (hereinafter "GDPR"). Therefore, we invite you before communicating any personal data to the Data Controller, to read carefully this Privacy Policy. It contains very useful information on the protection of your personal data.


This Privacy Policy:


  • is intended for the website (hereinafter "Website") and applies in all cases in which reference is made or there is a link to this statement;
  • is an integral part of the Website and the services we offer;
  • is made to those who interact with the web services of the Website, according to Section 13 of the Regulation and Section 19 LPD.


The processing of your personal data will be based on principles of good faith and proportionality, correctness, lawfulness, transparency, limitation of purpose and preservation, minimization and accuracy, integrity and confidentiality, as well as the principle of accountability. Your personal data will therefore be processed in accordance with the laws and confidentiality obligations in force.

We inform you that the personal data processed, depending on your decisions on how to use the services, may consist of any kind of text, images or any other information suitable for make a natural person identified or identifiable, depending on the type of services requested.



The data controller is Swisscolocation SA, whose registered office is at Viale Serfontana 7, 6834 Morbio Inferiore, Switzerland. 



We inform you that the personal data processed may consist of: identity and contact data, includes first name, last name, address, nationality, telephone number, e-mail address; other data not relating to your person are saved for the purpose of technical processes, e.g. IP addresses; any other information (like professional information about you) suitable for make data subjects identified or identifiable.

The personal data processed through the Website are:


a. Personal Data used for website usage analytics:

During their normal operation, the computer systems and software procedures used to operate the website acquire some personal data, the transmission of which is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects and the Data Controller will not attempt in any way to relate the data contained in the protocols of its servers with the people who visited the website. However, such data, through processing and merging with data held by third parties, could make it possible to identify users. As an example, this category of data includes IP addresses or domain names of the computers used by users connecting to the Website, Uniform Resource Identifier (URI) sequences of the requested resources, the time of request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server and other parameters related to the user's operating system.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website, to check its correct functioning, identify anomalies and/or abuses, as well as to better structure the Website itself. The data could be used to establish responsibility in case of hypothetical computer crimes against the Website or third parties.

b. Personal Data voluntarily provided by the User 

Unless referred to in specific notices, this Privacy Policy shall also be deemed to apply to the processing of data voluntarily provided by you through the Website. In particular, You may provide data either by filling in the form (hereinafter Form) to subscribe to the newsletter and/or request information for services and products, or by sending e-mails. In this regard, we invite you not to enter in the Forms contained within the Website or send us by e-mail information that may fall under the special categories of personal data referred to in Article 9 GDPR (for example, data referring to your political opinions, religious beliefs or your state of health) and personal data worthy of special protection, pursuant to Article 5, para.1 lett.c, LPD.

c. Third-party personal data voluntarily provided by the User

When using particular services, the processing of third parties' personal data, communicated by you to the Data Controller, may occur. In this case, you are the independent controller, assuming all the legal obligations and responsibilities. 
You will be liable for any dispute, claim for compensation, or other request for damages, which should be received by the Data Controller from third parties, whose personal data have been processed in violation of the applicable data protection regulations. 
In any case, if you provide us personal data of third parties, warrant as of now that this particular type of processing is based on the prior obtaining (on your part) of third parties' consent to the processing of his or her personal data.

d. Cookies

The information on cookies is available at the following link.



 The personal data collected by the Data Controller are exclusively those provided when browsing the Website and/or when filling in forms or submitting any requests for information. 

Therefore, personal data will be processed to:
A) Allow you to use the Website;
B) Fulfill requests that may be received through the contact form, including allowing us to contact you at the e-mail address you voluntarily provide;
C) To send the requested newsletter by filling out the appropriate form, subject to the possibility of unsubscribing from the list of recipients by selecting the appropriate link in each message;
D) to fulfill any obligations under applicable laws, regulations, or EU legislation, as well as to comply with requests from the authorities.
E) for statistical purposes, with no possibility of tracing your identity. The processing of your data may be carried out using manual, electronic, and telematics tools, including automated methods designed to store, manage, and transmit them. it will be carried out by means suitable, as far as reasonably possible and in accordance with the state of the art, to guarantee security and confidentiality through the use of suitable procedures that avoid the risk of loss, unauthorized access, illicit use, and dissemination.

Data are stored in computer, telematic, and - residually - paper archives, with full assurance of the security measures provided by the legislator.
Specific security measures are observed to prevent data loss, illicit or incorrect use, and unauthorized access.



Depending on how you choose to use the services provided by the Site, the legal basis of the processing of personal data may be:

A) express consent, by accepting the Cookie Policy and continuing to browse the Website;
B and C) the legitimate interest in processing personal data to provide the best service, respond to requests received, and send newsletters; 
D) the need to fulfill a legal obligation or respond to an authority;
E) this processing is not performed on personal data; therefore, it can be freely carried out by the Controller.



Swisscolocation does not sell, transmits, disseminate or otherwise make available your personal data to third parties.

If required from time to time, we disclose personal data to public authorities, regulators or governmental bodies, including when required by law or regulation, under a code of practice or conduct, or when these authorities or bodies require us to do so.

Your personal data could be communicated mainly to third parties such as:

Categories of recipients Purposes
Companies belonging to Data Controller or parent and subsidiary companies   Fulfillment of administrative and accounting requirements as well as those connected with the contractual services
Third party providers Performance of services (assistance, maintenance, delivery/shipping of products, performance of additional services, providers of networks and electronic communication services) associated with the requested service
External professionals/consultants and consulting firms

Fulfillment of legal requirements, exercising rights, protecting contractual rights, credit recovery

Credit and electronic payment institutions, post offices, insurance institutions Managing deposits, payments, reimbursements associated with the contractual service
Financial Administration, Public Agencies, Legal Authorities, Supervisory and Oversight Authorities Fulfillment of legal requirements, protection of rights; lists and registries held by Public Authorities or similar agencies based on specific regulations relating to the contractual service

Third party service providers have access to personal information needed to perform their functions but may not use it for other purposes. Further, they must process the personal information in accordance with this Privacy Policy and as permitted by the GDPR.



Your personal data are processed in the country where the Data Controller is located. 

We inform you that Switzerland is a country in which personal data can be processed and transferred also in accordance with the GDPR, because the European Commission has recognized Switzerland as providing adequate protection for personal data. The European Commission has the power to determine, based on article 45 of Regulation (EU) 2016/679 whether a country outside the EU offers an adequate level of data protection and thanks to the Decision of 26 July 2000, personal data can flow from the EU to Switzerland without any further safeguard being necessary. In other words, transfers to the country in question will be assimilated to intra-EU transmissions of data.

According to GDPR, this Decision “shall remain in force until amended, replaced or repealed by a Commission Decision”.

In case of transfer of personal data to other countries belonging to the European Union, in compliance with Article 16 et seq. FADP and Article 8 et seq. OPDa, the country of destination will be part of the countries listed in Annex 1 OPDa, i.e., countries which the Federal Council considers having legislation that guarantees adequate data protection. 

In the absence of the aforementioned adequate guarantees, transfers will be permitted only in compliance with the provisions of Art. 17 FADP and Art. 8 et seq. OPDa. Specific notice of such transfers will be given to the data subject.



Unless specified otherwise, Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligation or based on the Users’ consent.



The data subject is granted the following rights: 

1) the right of access, i.e., to obtain confirmation from the Data Controller that personal data is or is not being processed, as well as to obtain information regarding the purposes and methods of processing, the recipients of the data, the criteria used to determine the period of data retention, the origin of the data (if not collected from the data subject), and the existence of an automated decision-making process; the Data Controller shall provide a copy of the personal data being processed;
2) the right to obtain rectification and integration of incomplete personal data, including by providing a supplementary statement;
3) the right to the deletion of data; this right may be limited if the processing is necessary for the establishment, exercise, or defense of a right in judicial proceedings;
4) the right to obtain from the Data Controller the limitation of the processing;
5) the right to revoke consent, without affecting the lawfulness of the processing based on the consent given before its revocation;
6) the right to object, for legitimate reasons, to the processing of one's personal data, including in the case of processing for direct marketing purposes;
7) the right to data portability;
8) the right to object to automated decision-making regarding natural persons, including profiling;
9) the right to lodge a complaint with a supervisory authority.

The data subject may also initiate actions concerning the protection of personality by requesting the prohibition of certain processing of personal data, the prohibition of the disclosure of personal data to third parties, and the deletion or destruction of data, as provided for in Article 32, para. 2, FADP.

These rights may be exercised by sending an e-mail to

The Data Controller will attempt to give the requested information within 30 days (or will communicate the time frame within which the information can be provided) and free of charge, unless a fee is charged if the provision of the information involves a disproportionate effort.



In order to use the services provided through the Website, it is necessary to be older than sixteen years: consent to the processing of personal data of a minor under sixteen years is lawful provided that it is exercised by the person exercising parental responsibility.



For the purposes of ensuring compliance with GDPR, the Data Controller appointed a member of our internal Legal Office as a representative established in a Member State, pursuant to art. 27 GDPR, reachable at the e-mail address



The Data Controller reserves the right to modify or simply update the content of this Privacy Policy, in part or completely, also due to changes in the applicable legislation.



To exercise the above rights or for any other request you can send an e-mail to